Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 4328 - bug in glibc inet/rexec.c breaks rexec(3) and rexec(1)
Summary: bug in glibc inet/rexec.c breaks rexec(3) and rexec(1)
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: glibc
Version: 6.0
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact:
URL:
Whiteboard:
: 9715 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-08-03 06:46 UTC by morton
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2002-12-15 04:23:59 UTC


Attachments (Terms of Use)

Description morton 1999-08-03 06:46:16 UTC
rexec(3) should prompt the user for the logname/password if
it's not supplied by the caller, if it's not in the
environment and if it's not in $HOME/.netrc.

The problem is in glibc's inet/rexec.c.  It's passing a nil
pointer into write() and dropping core.

rexec(3) _should_ be calling getuser() and getpass() prior
to doing that write().

I've tried to explain this to Ulrich but the message isn't
getting through.  Perhaps you guys will have more luck.

To demonstrate:

# rm $HOME/.netrc
# rexec -a localhost date
Memory fault - core dumped

Comment 1 Jeff Johnson 1999-08-15 17:06:59 UTC
This appears to be a glibc problem.

Comment 2 morton 1999-08-16 01:38:59 UTC
yes, it is a glibc issue.  Please see the bug-glibc mailing list
discussion "rexec, rexec() and ruserpass()" at
http://sourceware.cygnus.com/ml/bug-glibc/1999-07/ for the full story.

Note also the memory leak which I have identified.

Ulrich tells me that he'll be looking at this issue RSN, but that was
a couple of weeks back.

Comment 3 Cristian Gafton 1999-08-30 01:52:59 UTC
It is really a debate whether we can change the current behavior in
glibc 2.1. I'd be inclined to say no, bacuse this type of change does
not necessarily fits the definition of a bug fix because it leads to a
changed functionality.

I'll make sure that this will get fixed in glibc 2.2, but for 2.1.x
series I'd rather not change it.

Comment 4 morton 1999-08-30 02:57:59 UTC
This is not a matter of changed functionality or of changing the
interface.

Every other rexec(2) in the world prompts the user if the credentials
are not available.  However glibc's rexec(2) will dereference a nil
pointer and drops core.

It's a bug.

Comment 5 Jeff Johnson 2000-02-28 20:29:59 UTC
*** Bug 9715 has been marked as a duplicate of this bug. ***

Comment 6 Jeff Johnson 2000-02-28 21:51:59 UTC
I can't fix the glibc segfault, but rexec in rsh-0.16-10 now prompts
for password (and exits rather than segfaulting).

Comment 7 Cristian Gafton 2000-05-22 14:53:59 UTC
assign to jakub


Note You need to log in before you can comment on or make changes to this bug.